You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It was observed that ItemStore is unbounded, and add_item does not take any storage deposit. Anyone can bloat the storage, degrade the chain's performance, and make it more costly by adding a massive number of dummy items.
Recommendation
Put a sufficient storage deposit so that it won't be financially viable for a malicious actor to attempt such an attack. Also, add the delete_item function which will delete an item from storage and refund a storage deposit.
The text was updated successfully, but these errors were encountered:
Description
It was observed that ItemStore is unbounded, and
add_itemdoes not take any storage deposit. Anyone can bloat the storage, degrade the chain's performance, and make it more costly by adding a massive number of dummy items.Recommendation
Put a sufficient storage deposit so that it won't be financially viable for a malicious actor to attempt such an attack. Also, add the
delete_itemfunction which will delete an item from storage and refund a storage deposit.The text was updated successfully, but these errors were encountered: